Models and Types for Security in Mobile Distributed Systems

Objetivo

Peer-to-peer computing on the Internet, mobile code downloading, and e-Commerce are already ubiquitous aspects of our computing environments. Casting a view to the immediate future, we see a global computational infrastructure emerging that will rely on the sharing of an open-ended distributed network of mobile resources among mobile computing agents. This infrastructure can only be successful insomuch as it provides adequate security guarantees of secrecy, integrity, availability, and more.
MyThS seeks to develop type-based foundational theories of security for mobile and distributed systems. By relying on strong typing as the basic principle, MyThS addresses the foundations of programming languages and paradigms that allow static detection of security violations, and aims at developing type theoretic methods and tools that enable formal analyses of security guarantees appropriate for systems and applications on the global computing platform.
Peer-to-peer computing on the Internet, mobile code downloading, and e-Commerce are already ubiquitous aspects of our computing environments. Casting a view to the immediate future, we see a global computational infrastructure emerging that will rely on the sharing of an open-ended distributed network of mobile resources among mobile computing agents. This infrastructure can only be successful insomuch as it provides adequate security guarantees of secrecy, integrity, availability, and more.
MyThS seeks to develop type-based foundational theories of security for mobile and distributed systems. By relying on strong typing as the basic principle, MyThS addresses the foundations of programming languages and paradigms that allow static detection of security violations, and aims at developing type theoretic methods and tools that enable formal analyses of security guarantees appropriate for systems and applications on the global computing platform.

DESCRIPTION OF WORK
MyThS is undertaken by a small consortium of partners that reflects the very focused nature of the project and its objectives. The workplan of the project unfolds in three major themes: resource access control, information flow control, and analysis of cryptographic protocols. These are central, challenging themes for the global computing area, with far-reaching impact on the development of high-level, reliable, network-aware programming languages. Two notions will be pivotal throughout the themes: model and types. Based on high-level process calculi, MyThS will develop formal models for distributed and mobile code environments. Such models will be defined so as to address the diverse requirements for secure communication and mobility in open-ended networks with highly dynamic topologies, in which cryptography is a necessary prerequisite for security. The fundamental vehicle for ensuring security will be provided by typing systems, intended both as prescriptive and descriptive tools, capable of constraining and characterising agents' behaviours and interactions. They will be used to enforce and analyse security properties in each of our themes of investigation. By weaving together these hitherto independent contexts, MyThS will form a broad, coherent foundation for trustworthy communication in a global environment.
The absence of central coordination, typical of the global computing network, will be a fundamental challenge for typing, as agents will not be able to trust that network objects comply with any given set of rules. MyThS will make provision for type systems to cope with this, by amalgamating techniques for static typing with new mechanisms for decentralised (dynamic) type-checking of distributed computing sites and migrating agents. Strong typing will provide formal guarantees of resilience against intended or accidental violations, and thus lay the foundations for the design of robust, high-level programming paradigms for global computing.

Ámbito científico (EuroSciVoc)

CORDIS clasifica los proyectos con EuroSciVoc, una taxonomía plurilingüe de ámbitos científicos, mediante un proceso semiautomático basado en técnicas de procesamiento del lenguaje natural. Véas: El vocabulario científico europeo..

• ciencias naturales informática y ciencias de la información software
• ciencias naturales informática y ciencias de la información seguridad informática control de acceso
• ciencias naturales matemáticas matemáticas puras topología
• ciencias naturales informática y ciencias de la información seguridad informática criptografía
• ciencias naturales ciencias físicas mecánica clásica mecánica de fluidos dinámica de fluidos

Programa(s)

Programas de financiación plurianuales que definen las prioridades de la UE en materia de investigación e innovación.

• FP5-IST - Programme for research, technological development and demonstration on a "User-friendly information society, 1998-2002"

Tema(s)

Las convocatorias de propuestas se dividen en temas. Un tema define una materia o área específica para la que los solicitantes pueden presentar propuestas. La descripción de un tema comprende su alcance específico y la repercusión prevista del proyecto financiado.

• IST-2001-6.2.2 - Global computing: co-operation of autonomous and mobile entities in dynamic environments

Convocatoria de propuestas

Procedimiento para invitar a los solicitantes a presentar propuestas de proyectos con el objetivo de obtener financiación de la UE.

Régimen de financiación

Régimen de financiación (o «Tipo de acción») dentro de un programa con características comunes. Especifica: el alcance de lo que se financia; el porcentaje de reembolso; los criterios específicos de evaluación para optar a la financiación; y el uso de formas simplificadas de costes como los importes a tanto alzado.

CSC - Cost-sharing contracts

Coordinador

Participantes (2)